Bug 1286480 - [10.12] Widevine CDM always crashes on Amazon since upgrade to macOS Sierra. r=gcp, a=lizzard
authorHaik Aftandilian <haftandilian@mozilla.com>
Thu, 11 Aug 2016 00:57:52 -0700
changeset 342401 1ffc259ce08b092e218cfdc4d719fb9bb8c7a903
parent 342400 90d0af29d7dcf24251a67571870b1111ded1884e
child 342402 23c836ad8064934b95bb262c23323bcb2cb566c5
push id1183
push userraliiev@mozilla.com
push dateMon, 05 Sep 2016 20:01:49 +0000
treeherdermozilla-release@3148731bed45 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgcp, lizzard
bugs1286480
milestone49.0
Bug 1286480 - [10.12] Widevine CDM always crashes on Amazon since upgrade to macOS Sierra. r=gcp, a=lizzard Allow /System/Library/PrivateFrameworks/ to be read from the from the plugin sandbox.
security/sandbox/mac/Sandbox.mm
--- a/security/sandbox/mac/Sandbox.mm
+++ b/security/sandbox/mac/Sandbox.mm
@@ -141,16 +141,17 @@ static const char pluginSandboxRules[] =
   "    (global-name \"com.apple.ls.boxd\"))\n"
   "(allow file-read*\n"
   "    (regex #\"^/etc$\")\n"
   "    (regex #\"^/dev/u?random$\")\n"
   "    (regex #\"^/(private/)?var($|/)\")\n"
   "    (literal \"/usr/share/icu/icudt51l.dat\")\n"
   "    (regex #\"^/System/Library/Displays/Overrides/*\")\n"
   "    (regex #\"^/System/Library/CoreServices/CoreTypes.bundle/*\")\n"
+  "    (regex #\"^/System/Library/PrivateFrameworks/*\")\n"
   "    (regex #\"^/usr/lib/libstdc\\+\\+\\..*dylib$\")\n"
   "    (literal \"%s\")\n"
   "    (literal \"%s\")\n"
   "    (literal \"%s\"))\n";
 
 static const char widevinePluginSandboxRulesAddend[] =
   "(allow mach-lookup (global-name \"com.apple.windowserver.active\"))\n";